Lieberman assails progress in securing IT infrastructure
- By William Jackson
- Mar 22, 2004
Saying that 'far too little progress has been made' in securing critical IT infrastructure, Sen. Joseph I. Lieberman (D-Conn.) is demanding explanations from Homeland Security secretary Tom Ridge.
In a March 19 letter to Ridge, Lieberman, ranking Democrat on the Governmental Affairs Committee, said the administration has been running in place and is no closer to implementing the National Strategy to Secure Cyberspace than it was last year.
The Homeland Security Department, formed one year ago, has been given responsibility for implementing the strategy. Lieberman complained that little has been done to turn the strategy's 'vague generalities' into concrete programs. In a lengthy list of questions, he asked for updates on DHS efforts to prioritize key infrastructures, develop plans to improve security and to create effective partnerships with the private sector.
DHS has not yet responded to the request.
The department convened a National Cybersecurity Summit with IT industry leaders in December. A number of industry-led task forces were formed to produce plans for implementing the strategy. The first two plans, outlining efforts to improve public awareness and establish early warning systems, were released last week. Three more reports are due to be released over the next few weeks.
Lieberman called the efforts too little, too late, saying they lacked concrete plans and ignored large portions of the nation's critical infrastructure. He questioned DHS' level of engagement in the process.
The letter requests detailed explanations of:Efforts to secure the Internet and develop security contingency plans, along with a timetable and deadlines for the process and metrics to measure achievementEfforts to secure digital control systems, along with timetables, deadlines and metricsEfforts to remediate software vulnerabilities in existing systems and improve the quality of software developmentThe purpose of the U.S. CERT and its relationship with the ongoing CERT Coordination Center at Carnegie Mellon UniversityDHS efforts to address privacy concerns that have slowed cooperation of the private sector in sharing vulnerabilitiesThe status of the Cyber Warning and Information Network and its relationship to the Early Warning Alert Network proposed last week by the National Cyber Security PartnershipDHS efforts to improve public awareness and professional trainingThe status of IT security research and development programs
William Jackson is a Maryland-based freelance writer.